CVE-2018-5784 log

Severity Medium
Remote Yes
Type Denial of service
In LibTIFF before 4.0.10, there is an uncontrolled resource consumption in the TIFFSetDirectory function of tif_dir.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted tif file. This occurs because the declared number of directory entries is not validated against the actual number of directory entries.
Group Package Affected Fixed Severity Status Ticket
AVG-813 libtiff 4.0.9-1 4.0.9-2 High Fixed
AVG-791 lib32-libtiff 4.0.9-1 4.0.10-1 High Fixed FS#60599
Date Advisory Group Package Severity Type
20 Nov 2018 ASA-201811-18 AVG-791 lib32-libtiff High multiple issues